From 111e6035ae1eadb370481f26b4c1dd1d5cd801b5 Mon Sep 17 00:00:00 2001
From: Laur IVAN <laur.ivan@ec.europa.eu>
Date: Wed, 11 Feb 2026 00:44:30 +0100
Subject: [PATCH] chore: Add talos upgrade

---
 .../apps/system-upgrade/kustomization.yaml    |  8 ++++
 kubernetes/apps/system-upgrade/namespace.yaml |  7 +++
 .../system-upgrade/tuppr/app/helmrelease.yaml | 12 +++++
 .../tuppr/app/kustomization.yaml              |  7 +++
 .../tuppr/app/ocirepository.yaml              | 12 +++++
 kubernetes/apps/system-upgrade/tuppr/ks.yaml  | 46 +++++++++++++++++++
 .../tuppr/upgrades/kubernetes.yaml            | 18 ++++++++
 .../system-upgrade/tuppr/upgrades/talos.yaml  | 20 ++++++++
 8 files changed, 130 insertions(+)
 create mode 100644 kubernetes/apps/system-upgrade/kustomization.yaml
 create mode 100644 kubernetes/apps/system-upgrade/namespace.yaml
 create mode 100644 kubernetes/apps/system-upgrade/tuppr/app/helmrelease.yaml
 create mode 100644 kubernetes/apps/system-upgrade/tuppr/app/kustomization.yaml
 create mode 100644 kubernetes/apps/system-upgrade/tuppr/app/ocirepository.yaml
 create mode 100644 kubernetes/apps/system-upgrade/tuppr/ks.yaml
 create mode 100644 kubernetes/apps/system-upgrade/tuppr/upgrades/kubernetes.yaml
 create mode 100644 kubernetes/apps/system-upgrade/tuppr/upgrades/talos.yaml

diff --git a/kubernetes/apps/system-upgrade/kustomization.yaml b/kubernetes/apps/system-upgrade/kustomization.yaml
new file mode 100644
index 0000000..b5ed4e4
--- /dev/null
+++ b/kubernetes/apps/system-upgrade/kustomization.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: system-upgrade
+
+resources:
+  - ./namespace.yaml
+  - ./tuppr/ks.yaml
diff --git a/kubernetes/apps/system-upgrade/namespace.yaml b/kubernetes/apps/system-upgrade/namespace.yaml
new file mode 100644
index 0000000..7fad8e4
--- /dev/null
+++ b/kubernetes/apps/system-upgrade/namespace.yaml
@@ -0,0 +1,7 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: _
+  annotations:
+    kustomize.toolkit.fluxcd.io/prune: disabled
\ No newline at end of file
diff --git a/kubernetes/apps/system-upgrade/tuppr/app/helmrelease.yaml b/kubernetes/apps/system-upgrade/tuppr/app/helmrelease.yaml
new file mode 100644
index 0000000..5ae3216
--- /dev/null
+++ b/kubernetes/apps/system-upgrade/tuppr/app/helmrelease.yaml
@@ -0,0 +1,12 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: tuppr
+spec:
+  chartRef:
+    kind: OCIRepository
+    name: tuppr
+  interval: 30m
+  values:
+    replicaCount: 2
\ No newline at end of file
diff --git a/kubernetes/apps/system-upgrade/tuppr/app/kustomization.yaml b/kubernetes/apps/system-upgrade/tuppr/app/kustomization.yaml
new file mode 100644
index 0000000..4879312
--- /dev/null
+++ b/kubernetes/apps/system-upgrade/tuppr/app/kustomization.yaml
@@ -0,0 +1,7 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ./helmrelease.yaml
+  - ./ocirepository.yaml
\ No newline at end of file
diff --git a/kubernetes/apps/system-upgrade/tuppr/app/ocirepository.yaml b/kubernetes/apps/system-upgrade/tuppr/app/ocirepository.yaml
new file mode 100644
index 0000000..891d0a7
--- /dev/null
+++ b/kubernetes/apps/system-upgrade/tuppr/app/ocirepository.yaml
@@ -0,0 +1,12 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: OCIRepository
+metadata:
+  name: tuppr
+spec:
+  interval: 15m
+  layerSelector:
+    mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+    operation: copy
+  ref:
+    tag: 0.0.52
\ No newline at end of file
diff --git a/kubernetes/apps/system-upgrade/tuppr/ks.yaml b/kubernetes/apps/system-upgrade/tuppr/ks.yaml
new file mode 100644
index 0000000..89ef2e9
--- /dev/null
+++ b/kubernetes/apps/system-upgrade/tuppr/ks.yaml
@@ -0,0 +1,46 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/refs/heads/main/kustomization-kustomize-v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: tuppr
+spec:
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: tuppr
+  healthChecks:
+    - apiVersion: helm.toolkit.fluxcd.io/v2
+      kind: HelmRelease
+      name: tuppr
+      namespace: system-upgrade
+  interval: 1h
+  path: "./kubernetes/apps/system-upgrade/tuppr/app"
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+    namespace: flux-system
+  targetNamespace: system-upgrade
+  timeout: 5m
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/refs/heads/main/kustomization-kustomize-v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: tuppr-upgrades
+spec:
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: tuppr
+  dependsOn:
+    - name: tuppr
+  interval: 1h
+  path: "./kubernetes/apps/system-upgrade/tuppr/upgrades"
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+    namespace: flux-system
+  targetNamespace: system-upgrade
+  timeout: 5m
+  wait: false
\ No newline at end of file
diff --git a/kubernetes/apps/system-upgrade/tuppr/upgrades/kubernetes.yaml b/kubernetes/apps/system-upgrade/tuppr/upgrades/kubernetes.yaml
new file mode 100644
index 0000000..7b6d6d4
--- /dev/null
+++ b/kubernetes/apps/system-upgrade/tuppr/upgrades/kubernetes.yaml
@@ -0,0 +1,18 @@
+---
+apiVersion: tuppr.home-operations.com/v1alpha1
+kind: KubernetesUpgrade
+metadata:
+  name: kubernetes
+spec:
+  kubernetes:
+    # renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet
+    version: v1.35.0
+  healthChecks:
+    - apiVersion: volsync.backube/v1alpha1
+      kind: ReplicationSource
+      expr: |-
+        status.conditions.filter(c, c.type == "Synchronizing").all(c, c.status == "False")
+    # - apiVersion: ceph.rook.io/v1
+    #   kind: CephCluster
+    #   expr: |-
+    #     status.ceph.health in ['HEALTH_OK']
\ No newline at end of file
diff --git a/kubernetes/apps/system-upgrade/tuppr/upgrades/talos.yaml b/kubernetes/apps/system-upgrade/tuppr/upgrades/talos.yaml
new file mode 100644
index 0000000..7ae473c
--- /dev/null
+++ b/kubernetes/apps/system-upgrade/tuppr/upgrades/talos.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: tuppr.home-operations.com/v1alpha1
+kind: TalosUpgrade
+metadata:
+  name: talos
+spec:
+  talos:
+    # renovate: datasource=docker depName=ghcr.io/siderolabs/installer
+    version: v1.12.3
+  policy:
+    rebootMode: default
+  healthChecks:
+    - apiVersion: volsync.backube/v1alpha1
+      kind: ReplicationSource
+      expr: |-
+        status.conditions.filter(c, c.type == "Synchronizing").all(c, c.status == "False")
+    # - apiVersion: ceph.rook.io/v1
+    #   kind: CephCluster
+    #   expr: |-
+    #     status.ceph.health in ['HEALTH_OK']
\ No newline at end of file